Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/librandomx-1.1.8/src/aes_hash.cpp
Examining data/librandomx-1.1.8/src/aes_hash.hpp
Examining data/librandomx-1.1.8/src/allocator.cpp
Examining data/librandomx-1.1.8/src/allocator.hpp
Examining data/librandomx-1.1.8/src/argon2.h
Examining data/librandomx-1.1.8/src/argon2_avx2.c
Examining data/librandomx-1.1.8/src/argon2_core.c
Examining data/librandomx-1.1.8/src/argon2_core.h
Examining data/librandomx-1.1.8/src/argon2_ref.c
Examining data/librandomx-1.1.8/src/argon2_ssse3.c
Examining data/librandomx-1.1.8/src/assembly_generator_x86.cpp
Examining data/librandomx-1.1.8/src/assembly_generator_x86.hpp
Examining data/librandomx-1.1.8/src/blake2/blake2-impl.h
Examining data/librandomx-1.1.8/src/blake2/blake2.h
Examining data/librandomx-1.1.8/src/blake2/blake2b.c
Examining data/librandomx-1.1.8/src/blake2/blamka-round-avx2.h
Examining data/librandomx-1.1.8/src/blake2/blamka-round-ref.h
Examining data/librandomx-1.1.8/src/blake2/blamka-round-ssse3.h
Examining data/librandomx-1.1.8/src/blake2/endian.h
Examining data/librandomx-1.1.8/src/blake2_generator.cpp
Examining data/librandomx-1.1.8/src/blake2_generator.hpp
Examining data/librandomx-1.1.8/src/bytecode_machine.cpp
Examining data/librandomx-1.1.8/src/bytecode_machine.hpp
Examining data/librandomx-1.1.8/src/common.hpp
Examining data/librandomx-1.1.8/src/configuration.h
Examining data/librandomx-1.1.8/src/cpu.cpp
Examining data/librandomx-1.1.8/src/cpu.hpp
Examining data/librandomx-1.1.8/src/dataset.cpp
Examining data/librandomx-1.1.8/src/dataset.hpp
Examining data/librandomx-1.1.8/src/instruction.cpp
Examining data/librandomx-1.1.8/src/instruction.hpp
Examining data/librandomx-1.1.8/src/instruction_weights.hpp
Examining data/librandomx-1.1.8/src/instructions_portable.cpp
Examining data/librandomx-1.1.8/src/intrin_portable.h
Examining data/librandomx-1.1.8/src/jit_compiler.hpp
Examining data/librandomx-1.1.8/src/jit_compiler_a64.cpp
Examining data/librandomx-1.1.8/src/jit_compiler_a64.hpp
Examining data/librandomx-1.1.8/src/jit_compiler_a64_static.hpp
Examining data/librandomx-1.1.8/src/jit_compiler_fallback.hpp
Examining data/librandomx-1.1.8/src/jit_compiler_x86.cpp
Examining data/librandomx-1.1.8/src/jit_compiler_x86.hpp
Examining data/librandomx-1.1.8/src/jit_compiler_x86_static.hpp
Examining data/librandomx-1.1.8/src/program.hpp
Examining data/librandomx-1.1.8/src/randomx.cpp
Examining data/librandomx-1.1.8/src/randomx.h
Examining data/librandomx-1.1.8/src/reciprocal.c
Examining data/librandomx-1.1.8/src/reciprocal.h
Examining data/librandomx-1.1.8/src/soft_aes.cpp
Examining data/librandomx-1.1.8/src/soft_aes.h
Examining data/librandomx-1.1.8/src/superscalar.cpp
Examining data/librandomx-1.1.8/src/superscalar.hpp
Examining data/librandomx-1.1.8/src/superscalar_program.hpp
Examining data/librandomx-1.1.8/src/tests/affinity.cpp
Examining data/librandomx-1.1.8/src/tests/affinity.hpp
Examining data/librandomx-1.1.8/src/tests/api-example1.c
Examining data/librandomx-1.1.8/src/tests/api-example2.cpp
Examining data/librandomx-1.1.8/src/tests/benchmark.cpp
Examining data/librandomx-1.1.8/src/tests/code-generator.cpp
Examining data/librandomx-1.1.8/src/tests/jit-performance.cpp
Examining data/librandomx-1.1.8/src/tests/perf-simulation.cpp
Examining data/librandomx-1.1.8/src/tests/rng-tests.cpp
Examining data/librandomx-1.1.8/src/tests/runtime-distr.cpp
Examining data/librandomx-1.1.8/src/tests/scratchpad-entropy.cpp
Examining data/librandomx-1.1.8/src/tests/stopwatch.hpp
Examining data/librandomx-1.1.8/src/tests/superscalar-avalanche.cpp
Examining data/librandomx-1.1.8/src/tests/superscalar-init.cpp
Examining data/librandomx-1.1.8/src/tests/superscalar-stats.cpp
Examining data/librandomx-1.1.8/src/tests/tests.cpp
Examining data/librandomx-1.1.8/src/tests/utility.hpp
Examining data/librandomx-1.1.8/src/virtual_machine.cpp
Examining data/librandomx-1.1.8/src/virtual_machine.hpp
Examining data/librandomx-1.1.8/src/virtual_memory.cpp
Examining data/librandomx-1.1.8/src/virtual_memory.hpp
Examining data/librandomx-1.1.8/src/vm_compiled.cpp
Examining data/librandomx-1.1.8/src/vm_compiled.hpp
Examining data/librandomx-1.1.8/src/vm_compiled_light.cpp
Examining data/librandomx-1.1.8/src/vm_compiled_light.hpp
Examining data/librandomx-1.1.8/src/vm_interpreted.cpp
Examining data/librandomx-1.1.8/src/vm_interpreted.hpp
Examining data/librandomx-1.1.8/src/vm_interpreted_light.cpp
Examining data/librandomx-1.1.8/src/vm_interpreted_light.hpp

FINAL RESULTS:

data/librandomx-1.1.8/src/argon2_avx2.c:127:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(state, ((instance->memory + prev_offset)->v), ARGON2_BLOCK_SIZE);
data/librandomx-1.1.8/src/argon2_ref.c:47:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dst->v, src->v, sizeof(uint64_t) * ARGON2_QWORDS_IN_BLOCK);
data/librandomx-1.1.8/src/argon2_ssse3.c:135:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(state, ((instance->memory + prev_offset)->v), ARGON2_BLOCK_SIZE);
data/librandomx-1.1.8/src/blake2/blake2b.c:174:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(block, key, keylen);
data/librandomx-1.1.8/src/blake2/blake2b.c:261:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&S->buf[left], pin, fill);
data/librandomx-1.1.8/src/blake2/blake2b.c:275:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&S->buf[S->buflen], pin, inlen);
data/librandomx-1.1.8/src/blake2/blake2b.c:303:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(out, buffer, S->outlen);
data/librandomx-1.1.8/src/blake2/blake2b.c:385:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(out, out_buffer, BLAKE2B_OUTBYTES / 2);
data/librandomx-1.1.8/src/blake2/blake2b.c:390:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(in_buffer, out_buffer, BLAKE2B_OUTBYTES);
data/librandomx-1.1.8/src/blake2/blake2b.c:393:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(out, out_buffer, BLAKE2B_OUTBYTES / 2);
data/librandomx-1.1.8/src/blake2/blake2b.c:398:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(in_buffer, out_buffer, BLAKE2B_OUTBYTES);
data/librandomx-1.1.8/src/blake2/blake2b.c:401:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(out, out_buffer, toproduce);
data/librandomx-1.1.8/src/blake2/endian.h:32:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&w, src, sizeof w);
data/librandomx-1.1.8/src/blake2/endian.h:46:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&w, src, sizeof w);
data/librandomx-1.1.8/src/blake2/endian.h:69:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dst, &w, sizeof w);
data/librandomx-1.1.8/src/blake2/endian.h:83:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dst, &w, sizeof w);
data/librandomx-1.1.8/src/blake2_generator.cpp:40:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(data, seed, seedSize > maxSeedSize ? maxSeedSize : seedSize);
data/librandomx-1.1.8/src/dataset.cpp:189:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(out, &rl, CacheLineSize);
data/librandomx-1.1.8/src/jit_compiler_a64.cpp:97:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(code, (void*) randomx_program_aarch64, CodeSize);
data/librandomx-1.1.8/src/jit_compiler_a64.cpp:235:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(code + codePos, p1, p2 - p1);
data/librandomx-1.1.8/src/jit_compiler_a64.cpp:248:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(code + codePos, p1, p2 - p1);
data/librandomx-1.1.8/src/jit_compiler_a64.cpp:329:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(code + codePos, p1, p2 - p1);
data/librandomx-1.1.8/src/jit_compiler_a64.cpp:338:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(code + codePos, p1, p2 - p1);
data/librandomx-1.1.8/src/jit_compiler_x86.cpp:222:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(code, codePrologue, prologueSize);
data/librandomx-1.1.8/src/jit_compiler_x86.cpp:223:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(code + epilogueOffset, codeEpilogue, epilogueSize);
data/librandomx-1.1.8/src/jit_compiler_x86.cpp:244:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(code + codePos, codeReadDataset, readDatasetSize);
data/librandomx-1.1.8/src/jit_compiler_x86.cpp:262:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(code + superScalarHashOffset, codeShhInit, codeSshInitSize);
data/librandomx-1.1.8/src/jit_compiler_x86.cpp:293:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(code, codeDatasetInit, datasetInitSize);
data/librandomx-1.1.8/src/jit_compiler_x86.cpp:307:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(code + codePos - 48, &pcfg.eMask, sizeof(pcfg.eMask));
data/librandomx-1.1.8/src/jit_compiler_x86.cpp:308:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(code + codePos, codeLoopLoad, loopLoadSize);
data/librandomx-1.1.8/src/jit_compiler_x86.cpp:328:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(code + codePos, codeLoopStore, loopStoreSize);
data/librandomx-1.1.8/src/jit_compiler_x86.hpp:91:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(code + codePos, &val, sizeof val);
data/librandomx-1.1.8/src/jit_compiler_x86.hpp:96:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(code + codePos, &val, sizeof val);
data/librandomx-1.1.8/src/jit_compiler_x86.hpp:106:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(code + codePos, src, count);
data/librandomx-1.1.8/src/tests/api-example1.c:7:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hash[RANDOMX_HASH_SIZE];
data/librandomx-1.1.8/src/tests/api-example2.cpp:9:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hash[RANDOMX_HASH_SIZE];
data/librandomx-1.1.8/src/tests/benchmark.cpp:154:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char seed[4];
data/librandomx-1.1.8/src/tests/scratchpad-entropy.cpp:27:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char seed[4];
data/librandomx-1.1.8/src/tests/scratchpad-entropy.cpp:28:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char input[4];
data/librandomx-1.1.8/src/tests/scratchpad-entropy.cpp:29:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hash[RANDOMX_HASH_SIZE];
data/librandomx-1.1.8/src/tests/superscalar-avalanche.cpp:26:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(rb, ra, sizeof rb);
data/librandomx-1.1.8/src/tests/tests.cpp:41:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char input[H / 2];
data/librandomx-1.1.8/src/tests/tests.cpp:68:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char testHash[32];
data/librandomx-1.1.8/src/tests/tests.cpp:82:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sprogHash[32];
data/librandomx-1.1.8/src/tests/tests.cpp:88:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char superscalarReferences[10][65] = {
data/librandomx-1.1.8/src/tests/tests.cpp:163:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char state[64] = { 0 };
data/librandomx-1.1.8/src/tests/tests.cpp:964:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hash[RANDOMX_HASH_SIZE];
data/librandomx-1.1.8/src/tests/tests.cpp:970:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hash[RANDOMX_HASH_SIZE];
data/librandomx-1.1.8/src/tests/tests.cpp:976:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hash[RANDOMX_HASH_SIZE];
data/librandomx-1.1.8/src/tests/tests.cpp:982:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hash[RANDOMX_HASH_SIZE];
data/librandomx-1.1.8/src/tests/tests.cpp:988:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hash[RANDOMX_HASH_SIZE];
data/librandomx-1.1.8/src/tests/tests.cpp:1059:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hash1[RANDOMX_HASH_SIZE];
data/librandomx-1.1.8/src/tests/tests.cpp:1060:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hash2[RANDOMX_HASH_SIZE];
data/librandomx-1.1.8/src/tests/tests.cpp:1061:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hash3[RANDOMX_HASH_SIZE];
data/librandomx-1.1.8/src/tests/tests.cpp:1079:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hash[RANDOMX_HASH_SIZE];
data/librandomx-1.1.8/src/tests/utility.hpp:69:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char reference[N / 2];
data/librandomx-1.1.8/src/tests/utility.hpp:92:46:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (strcmp(argv[i], option) == 0 && (out = atoi(argv[i + 1])) > 0) {
data/librandomx-1.1.8/src/tests/utility.hpp:119:33:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (*argv[i] != '-' && (out = atoi(argv[i])) > 0) {
data/librandomx-1.1.8/src/vm_compiled.cpp:67:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(reg.f, config.eMask, sizeof(config.eMask));

ANALYSIS SUMMARY:

Hits = 59
Lines analyzed = 15895 in approximately 0.91 seconds (17519 lines/second)
Physical Source Lines of Code (SLOC) = 11255
Hits@level = [0] 2 [1] 0 [2] 59 [3] 0 [4] 0 [5] 0
Hits@level+ = [0+] 61 [1+] 59 [2+] 59 [3+] 0 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 5.41981 [1+] 5.24211 [2+] 5.24211 [3+] 0 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.